Abstract
Critical infrastructures (CIs) provide important services to society and economy, like electricity, or communication networks to enable telephone calls and internet access. CI services are expected to provide safety and security features like data Confidentiality and Integrity as well as to ensure service Availability (CIA). The complexity and interdependency of CI services makes it hard for CI providers to guarantee those features or even to be able to monitor the CIA risk by taking into account that an incident in one CI service can cascade to another CI service due to a dependency.
This work presents a tool implementing a previously published Bayesian network based CI risk model which attempts to address the challenges of interdependent CI risk monitoring. While Bayesian networks provide a great theoretical basis for CI risk monitoring, tool support to cover the challenges in this field is missing. The tool was implemented to provide visual guidance for domain experts to generate a CI risk model from real-world CIs and to simulate/emulate risk scenarios based on this model.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Aubert, J., Schaberreiter, T., Incoul, C., Khadraoui, D.: Real-time security monitoring of interdependent services in critical infrastructures. case study of a risk-based approach. In: 21th European Safety and Reliability Conference, ESREL 2010 (September 2010)
Aubert, J., Schaberreiter, T., Incoul, C., Khadraoui, D., Gateau, B.: Risk-based methodology for real-time security monitoring of interdependent services in critical infrastructures. In: ARES 2010 International Conference on Availability, Reliability, and Security, pp. 262–267 (February 2010)
Baiardi, F., Telmon, C., Sgandurra, D.: Hierarchical, Model-based Risk Management of Critical Infrastructures. Reliability Engineering & System Safety (9), 1403–1415 (2009); ESREL 2007, the 18th European Safety and Reliability Conference
Caldeira, F., Schaberreiter, T., Monteiro, E., Aubert, J., Simoes, P., Khadraoui, D.: Trust based interdependency weighting for on-line risk monitoring in interdependent critical infrastructures. In: 2011 6th International Conference on Risk and Security of Internet and Systems (CRiSIS), pp. 1–7 (September 2011)
Eronen, J., Laakso, M.: A case for protocol dependency. In: IEEE International Workshop on Critical Infrastructure Protection, pp. 22–32 (2005)
Haimes, Y.Y., Kaplan, S., Lambert, J.H.: Risk filtering, ranking, and management framework using hierarchical holographic modeling. In: Risk Analysis. Society for Risk Analysis (2002)
Haslum, K., Arnes, A.: Multisensor real-time risk assessment using continuous-time hidden markov models. In: 2006 International Conference on Computational Intelligence and Security, pp. 1536–1540 (2006)
Panzieri, S., Setola, R., Ulivi, G.: An approach to model complex interdependent infrastructures. In: 16th IFAC World Congress, CISIA, Critical Infrastructures (2005)
Pietikäinen, P., Karjalainen, K., Eronen, J., Röning, J.: Socio-technical security assessment of a voip system. In: The Fourth International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010 (July 2010)
Rinaldi, S.M., Peerenboom, J.P., Kelly, T.K.: Identifying, understanding, and analyzing critical infrastructure interdependencies. IEEE Control Systems Magazine, 11–25 (2001)
Schaberreiter, T., Aubert, J., Khadraoui, D.: Critical infrastructure security modelling and resci-monitor: A risk based critical infrastructure model. In: IST-Africa Conference Proceedings, pp. 1–8 (May 2011)
Schaberreiter, T., Bonhomme, C., Aubert, J., Incoul, C., Khadraoui, D.: Support tool development for real-time risk prediction in interdependent critical infrastructures. In: Risk and Trust in Extended Enterprises (RTEE 2010) Workshop. ISSRE Wksp 2010. IEEE International Symposium on Sofware Reliability Engineering (November 2010)
Schaberreiter, T., Bouvry, P., Röning, J., Khadraoui, D.: A bayesian network based critical infrastructure risk model. In: Schütze, O., Coello Coello, C.A., Tantar, A.-A., Tantar, E., Bouvry, P., Del Moral, P., Legrand, P. (eds.) EVOLVE - A Bridge Between Probability, Set Oriented Numerics, and Evolutionary Computation II. AISC, vol. 175, pp. 207–218. Springer, Heidelberg (2012)
Schaberreiter, T., Caldeira, F., Aubert, J., Monteiro, E., Khadraoui, D., Simones, P.: Assurance and trust indicators to evaluate accuracy of on-line risk in critical infrastructures. In: 6th International Conference on Critical Information Infrastructure Security, CRITIS 2011 (2011)
Schaberreiter, T., Kittilä, K., Halunen, K., Röning, J., Khadraoui, D.: Risk assessment in critical infrastructure security modelling based on dependency analysis (short paper). In: 6th International Conference on Critical Information Infrastructure Security, CRITIS 2011 (2011)
Sokolowski, J., Turnitsa, C., Diallo, S.: A conceptual modeling method for critical infrastructure modeling. In: 41st Annual Simulation Symposium, ANSS 2008, pp. 203–211 (April 2008)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Schaberreiter, T., Bouvry, P., Röning, J., Khadraoui, D. (2014). Support Tool for a Bayesian Network Based Critical Infrastructure Risk Model. In: Schuetze, O., et al. EVOLVE - A Bridge between Probability, Set Oriented Numerics, and Evolutionary Computation III. Studies in Computational Intelligence, vol 500. Springer, Heidelberg. https://doi.org/10.1007/978-3-319-01460-9_3
Download citation
DOI: https://doi.org/10.1007/978-3-319-01460-9_3
Publisher Name: Springer, Heidelberg
Print ISBN: 978-3-319-01459-3
Online ISBN: 978-3-319-01460-9
eBook Packages: EngineeringEngineering (R0)